Joe Lopes lopes
lopes
/ teslacoil.py
Last active
August 7, 2024 13:54
Monitors some log files and send new entries to syslog. #python #syslog #log #forwarder #diff #siem
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/local/bin/python3 | |
| ''' | |
| Monitors some log files and send new entries to syslog. | |
| This script requires a config file to import paths to the files. | |
| The main concept is that there are a repository with log files | |
| (which I call 'source files') and an auxiliary repository of | |
| files ('working files'). | |
| The idea here is to create a copy of source files in the work | |
| directory, then calculating the diff between the source files |
lopes
/ misp-parser.rb
Last active
August 7, 2024 13:57
MISP parser for Chronicle SIEM using Logstash format. #misp #chronicle #parser #logstash
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Product: MISP Threat Intelligence | |
| # Category: Information Security | |
| # Supported Format: JSON | |
| # Reference: https://medium.com/@thatsiemguy/how-to-integrate-misp-and-chronicle-siem-9e5fe5fde97c | |
| # Last Updated: 2024-06-01 | |
| filter { | |
| ## | |
| # BASIC VARIABLES ASSERTION AND FIELDS EXTRACTION | |
| # |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| #moth.py | |
| ''' | |
| Convert Kindle or O'Reilly annotations to JSON or Markdown format. | |
| Usage: | |
| moth.py -i <input> -o <output> [-s <source>] [-f <format>] | |
| Example: |
lopes
/ chronicle-list-cleaner.py
Last active
August 7, 2024 13:58
Cleans up lines in the reference lists in Chronicle SIEM with expired dates. #chronicle #gcp #functions #python #siem #list #management
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| Cleans up lines in the reference lists in Chronicle SIEM with expired dates. | |
| This script can be used to clean up some or all Reference Lists in Chronicle SIEM. | |
| It scans each list and removes expired lines with the same pattern it is set to | |
| monitor. Lines outside this pattern are just ignored. The pattern is: | |
| <value> // expires:YYYY-MM-DD | |
lopes
/ ghss-fetcher.py
Created
May 24, 2025 14:27
Reads all secret-scanning findings from GitHub and outputs them in a JSON file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| Reads all secret-scanning findings from GitHub and outputs them in a JSON file. | |
| Author: Joe Lopes <lopes.id> | |
| Date: 2025-05-24 | |
| License: MIT | |
| Usage: | |
| - A GitHub Fine Grained Personal Access Token (FGPAT) with sufficient permissions to read | |
| secret scanning findings |
OlderNewer